"The misfortune here for the banks is that they can have the best fraud-detection systems out there ... but it all breaks down when they call the 'hacker' to verify the transaction," says Gartner's Avivah Litan.
Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.
Alisdair Faulkner of ThreatMetrix says financial institutions and businesses should focus on five key security areas. What make up the top five, and where do banks need to make the greatest fraud-prevention investments?
Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
IT security provider Symantec says it identified multiple publisher identifications on the Android Market that are being used to push out Android.Counterclank, which it characterizes as a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device.
People, as much as anything else, are a critical aspect of information risk management, and businesses and government agencies must monitor employees - and educate them, as well - to thwart a potential threat from within.